An internetwork is a collection of individual networks connected with intermediate networking devices and functions as a single large network. Different networks can be interconnected by routers and other networking devices to create an internetwork.
A local area network (LAN) is a data network that covers a relatively small geographic area. It typically connects workstations, personal computers, printers and other devices. A wide area network (WAN) is a data communication network that covers a relatively broad geographic area. Wide area networks (WANs) interconnect LANs across normal telephone lines and, for instance, optical networks; thereby interconnecting geographically disposed users.
There is a need to protect data and resources from disclosure, to guarantee the authenticity of data, and to protect systems from network based attacks.
The IP security protocols (IPSec) provides the capability to secure communications between arbitrary hosts, e.g. across a LAN, across private and public wide area networks (WANs) and across the internet.
IPSec can encrypt and/or authenticate traffic at IP level. Traffic going in to a WAN is typically compressed and encrypted and traffic coming from a WAN is decrypted and decompressed. IPSec is defined by certain documents, which contain rules for the IPSec architecture. The documents that define IPSec, are, for the time being, the Request For Comments (RFC) series of the Internet Engineering Task Force (IETF), in particular, RFCs 2401-2412.
Security association (SA) is a key concept in the authentication and the confidentiality mechanisms for IP. A security association is a one-way relationship between a sender and a receiver that offers security services to the traffic carried on it.
A security association is uniquely identified by parameters of which the first one, the Security Parameters Index (SPI), is a bit string assigned to this SA. The SPI enables the receiving system to select the SA under which a received packet will be processed. IP destination address is the second parameter, which is the address of the destination end point of the SA, which may be an end user system or a network system such as a firewall or a router. The third parameter is the secure protocol being used, i.e., ESP or AH.
The term IPsec connection is used in what follows in place of an IPSec bundle of one or more security associations, or a pair of IPSec bundles—one bundle for each direction—of one or more security associations. This term thus covers both unidirectional and bidirectional traffic protection. There is no implication of symmetry of the directions, i.e., the algorithms and IPSec transforms used for each direction may be different.
Several networks, for instance many corporate and Internet Service Provider (ISP) networks, use so-called private IP addresses. These are addresses internal to the network in question, and which cannot be used in the Internet. The motivation is usually to conserve the use of public IP addresses, the number of which is limited by the IP protocol specification. If a message is sent from such a private network to a computer outside the private network, e.g. to the public Internet, the private sender address needs to be translated into the public IP address space used in the Internet. This translation is referred to as the Network Address Translation (NAT) algorithm. A more comprehensive version of message address translation encompasses not only IP address fields, but also transport protocol fields, such as TCP or UDP ports. This is done because the Transmission Control Protocol, TCP, and the User Datagram Protocol, UDP, are widely deployed transport layer protocols that are generally used with IP, and the TCP and UDP port number translations enable several sessions to be multiplexed to a single public IP address. Such translations are often called Network Address Port Translation (NAPT). The term NAT, in this document, refers to all such translation methods.
Some NAT algorithms support only a subset of existing IP-based protocols. That is, if a protocol that is not supported by a given NAT device is used, the traffic using that protocol will be blocked by the device. The same applies if an ordinary intermediate host, e.g. a router, is configured to block certain types of traffic. In such cases, the message can be encapsulated in another protocol that passes through such intermediate computers. Tunnelling is one method for encapsulating packets of a given protocol into packets of another protocol, in order to overcome such limitations posed by the intermediate computers. The tunnelling is applied at the so-called entry point of the tunnel, while the reverse, i.e. uncovering the original packet, is done at the so-called exit point of the tunnel.
NAT traversal technologies are used to (1) determine whether a NAT device (or several NAT devices) exist in the route between two communicating hosts, and to (2) perform necessary encapsulation to overcome the NAT translations. There might also be other translations, such as protocol translations, performed by a NAT device or another intermediate device. For instance, IPv4 may be translated to IPv6, and vice versa.
When secure messages are desired to be sent from a network requiring NAT translations, the IPSec protocols can be used. There exist several solutions for IPSec NAT traversal. The Internet Engineering Task Force (IETF) is currently in the process of standardising a solution for IPSec NAT traversal.
Even though IPsec provides a strong security solution that already supports traversal through NAT devices, IPsec is static in nature. If either of the hosts sharing an IPSec SA are mobile, i.e. a host moves from one IP network to another, a new security association must be set up each time such movement takes place. This usually involves an IKE protocol execution.
Such an IKE protocol execution involves several round trips in order to set up a new SA for the new network used. In a known IPSec NAT traversal method, developed in the IETF, the key exchange phase requires the use of IKE main mode, which consists of six messages, followed by IKE quick mode, which consists of three messages, for a total of nine messages. If the IKE aggressive mode, which consists of three messages, is used instead of main mode, a total of six messages are required.
There are several disadvantages of this solution. Firstly, the round trip times may be considerable if there is a considerable routing latency between the new network and the other IPSec endpoint. The latency between two communicating nodes is usually measured in terms of round trip delay (also called round trip latency). A round trip latency is a measure of the time it takes for a packet to be sent from one communicating node to another, and for the other node to send a reply packet back to the sender.
For instance, if the network has a round trip latency of 500 ms, which is not unusual, and IKE main mode is used, the total network latency for an IPSec connection setup is 500×(9/2) ms=2250 ms. This may be unacceptable for some mobile applications. Secondly, the IKE key exchange requires the use of several computationally expensive algorithms, such as the Diffie-Hellman algorithm, and possibly the RSA signature and signature verification algorithms. Such algorithms may require considerable computation for mobile devices, which may be limited in their processing power.